2.5 Sources of random data

The shuf, shred, and sort commands
sometimes need random data to do their work. For example, ‘sort
-R’ must choose a hash function at random, and it needs random data to
make this selection.

Normally these commands use the device file ‘/dev/urandom’ as the
source of random data. Typically, this device gathers environmental
noise from device drivers and other sources into an entropy pool, and
uses the pool to generate random bits. If the pool is short of data,
the device reuses the internal pool to produce more bits, using a
cryptographically secure pseudorandom number generator.

‘/dev/urandom’ suffices for most practical uses, but applications
requiring high-value or long-term protection of private data may
require an alternate data source like ‘/dev/random’ or
‘/dev/arandom’. The set of available sources depends on your
operating system.

To use such a source, specify the ‘--random-source=file’
option, e.g., ‘shuf --random-source=/dev/random’. The contents
of file should be as random as possible. An error is reported
if file does not contain enough bytes to randomize the input
adequately.

To reproduce the results of an earlier invocation of a command, you
can save some random data into a file and then use that file as the
random source in earlier and later invocations of the command.

Some old-fashioned or stripped-down operating systems lack support for
/dev/urandom. On these systems commands like shuf
by default fall back on an internal pseudorandom generator initialized
by a small amount of entropy.